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Description 

Background of the Invention 
Field of the Invention 

[0001] The present invention relates to a crypt key 
system that is used in a connnnencial trade or the like 
which uses a teievision system, a database system or 
an electronic data interchange. 

Prior Art 

[0002] In the information oriented society of today, in 
addition to a nonmai terrestrial broadcasting, satellite 
broadcasting which is referred to as a broadcasting sat- 
ellites (BS) and communication satellites (CS), or cable 
TV broadcasting, which is refen-ed to as CATV (cable 
teievision) using coaxial cables or optical cables, is get- 
ting prevalent. 

[0003] In a satellite broadcasting or CATV broadcast- 
ing which distributes several tens of channels at the 
same time, scrambled channels of such as films, sport 
events, and music which cannot be viewed through 
comprehensive contracts are provided in addition to un- 
scrambled general channels. In order to view these 
channels, it is necessary to subscribe to descramble the 
channels; however, a normal subscription period is 
about one-month unit, and It is impossible to view 
through temporary contracts. 

[0004] The inventor of the present invention proposed 
in the Japanese Patent Application Laid-Open No. 
JP-A-6-046419 (see also corresponding GB-A-2 269 
302) and the Japanese Patent Application Laid-Open 
No. JP-A-6-141004 (see also corresponding US-A-5 
504 933) a system in which users obtain a viewing per- 
mit key from a charging center via a communication line 
and charged, and descrambles programs scrambled 
each by respectively different scramble pattern, using 
the viewing permit key to view the programs; proposed 
in the Japanese Patent Application Laid-Open No. 
JP-A-6-1 32916 (see also corresponding GB-A-2 272 
822) an apparatus for the operation. 
[0005] In these system and apparatuses, those who 
wish to use scrambled programs make a request for 
viewing to the charging center via a communication line 
by using a communication apparatus. The charging 
center transmits the viewing pennit key to the commu- 
nication apparatus corresponding to the request for 
viewing while charging and collecting a fee. 
[0006] Users, on receiving the viewing permit key with 
the communication apparatus, transmit the viewing per- 
mit key to the receiving apparatus via direct means con- 
necting the communication apparatus and the receiving 
apparatus or via indirect means such as flexible disks 
or the like. The receiving apparatus to which the viewing 
pemnit key is transmitted descrambles the programs 
with the viewing pennit key and then the users use the 



programs. 

[0007] Said Japanese Patent Application Laid-Open 
No. JP-A-6-1 3291 6 describes a system and an appara- 
tus for selling and renting of a tape or a disk on which a 
5 plurality of data scrambled with a respective plurality of 
different scramble patterns are recorded to supply the 
viewing penmit key with IC cards or the like and use spe- 
cific data. 

[0008] In addition, in these days of an information-ori- 
10 ented society, a database system has been propagated 
for mutually using data which are kept independently by 
each of computers constituting a computer communica- 
tion network by LAN (local area network), WAN (wide 
area network), and inter-Net system mutually connect- 
'5 ing these networks. 

[0009] In the meantime, a technology has been de- 
veloped for reducing the infonnation amount by com- 
pressing a television moving picture signal which could 
not be digitized because of a huge amount of informa- 
20 tion as a result of digitization, to enable practical digiti- 
zation. So far, the H. 261 standard for video conference, 
the JPEG (joint photographic image coding experts 
group) standard for static pictures, the MPEG 1 (moving 
picture image coding experts group 1 ) standard for stor- 
es ing pictures and MPEG 2 corresponding to the present 
telecast and the high-definition telecast from the televi- 
sion broadcasting are prepared. 
[001 0] The digitization technology using these picture 
compression technology is used for the television 
30 broadcasting or the video picture recording. In addition, 
even television moving picture data which could not be 
dealt with before can be dealt with now, Then, the "mul- 
timedia system" which deals with various data dealt with 
by the computer and the digitized television moving pic- 
35 ture data has been focused as a future technology. 
[001 1] This multimedia system is also incorporated in 
the data communication and can be used as one data 
on the database. 

[0012] While the scope of usage of the database is 

40 expanded, the method for charging for the data usage 
on the database, and the method for dealing with cop- 
yright problems generated by copying, transmitting oth- 
er than direct usage of data, and also the secondary ex- 
ploitation right problem generated as a result of data edi- 

45 tion have become important problems. 

[0013] To safely deal with charging and copyrights 
processes, it is required that the data cannot be used 
by users other than authorized users, and data encryp- 
tion is the best means for it. 

50 [0014] In addition, an electronic market system has 
been investigated for converting infonnation in various 
kinds of transactions which have been carried out by pa- 
per documents so far, into electronic data to execute 
electronic transactions by using the electronic data in- 

55 terchangefortransmitting and receiving data by the data 
communication technology. In addition, an investigation 
is also made on the possibility of carrying out an elec- 
tronic settlement on the electronic commercial transac- 
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tion system. 

[0015] In the commercial transactions, reliability on 
the transaction details is required and security in the set- 
tlement is required. Consequently, in the electronic com- 
mercial transaction system and electronic settlement 5 
system in which such reliability and security are de- 
manded, it is required that the data is encrypted so that 
the data will not be falsified or used unjustifiedly. 
[0016] In these television systems, database systems 
or electronic commercial transaction systems or the like, 
the data is encrypted and thus a crypt key is required 
for decrypting the encrypted data to use. And the crypt 
key must be given to data users; however, the process- 
ing Is very troublesome because security and reliability 
are demanded. 

[0017] In the structure of the present invention, data 
cryptology acts an important part. In the beginning, a 
general explanation will be made on data cryptology. 
[0018] EP-A-0 506 435 discloses a crypt key system 
in which a key used in scrambling program data is twice 
encrypted and multiplexed with the scrambled signal. 
[0019] In data cryptology, the case in which the plain- 
text data M is encrypted by using a crypt key K to obtain 
cryptogram data C is represented as: 

C=:E (K, M), 

and the case in which the cryptogram data C is decrypt- 
ed by using the crypt key K to obtain the plaintext data 
M is represented as: 

M=D (K. C). 

[0020] As a typical method for the data cryptography 
technology, there are a secret- key cryptosystem and a 
public-key cryptosystem. The secret-key cryptosystem 
is a cryptosystem in which same secret key Ks is com- 
monly used in encryption and decryption: 

Cmks=E (Ks, M) 
M=D {Ks, Cmks). 

[0021] The public-key cryptosystem is a cryptosystem 
in which a key for encryption and a key for decryption 
are used as crypt keys, and the key for encryption is laid 
open but the key for decryption is not open. The key for 
encryption is referred to as a public-key Kb while the key 
for decryption is refen-ed to as a private-key Kv. To use 
this cryptosystem, an information sender encrypts the 
plaintext data M by the public-key Kb of a receiver 

Cmkb=E (Kb, M), 



and the receiver receives the data and decrypts it by a 
private-key Kv to obtain the plaintext data M 

M=D (Kv, Cmkb). 

[0022] In this public-key cryptosystem, cryptanalysis 
Is very difficult. 

[0023] As an application of the data cryptography 
technology, a digital signature process is performed as 
an electronic data authentication means to ensure the 
reliability of the data. 

[0024] The digital signature process is used with a se- 
cret-key system or a public-key system. Generally, the 
public-key system is used with the digital signature. 
[0025] In the digital signature process which is carried 
out by using the public-key system, the signer obtains 
a digital signature by encrypting a document m to which 
the document M is compressed with a hash algorithm, 
using the private-key Kv of the signer: 

Smkv=E (Kv, m) 

and transmits the original document M or the com- 
pressed document m and the digital signature Smkv to 
the receiver. 

[0026] The receiver decrypts the digital signature Sm- 
kv by using the public-key Kb of the signer 

m'=D (Kb, Smkv). 

When m'=m is established, it is recognized that the sig- 
nature is correct. 

[0027] EP-A-0 438 154 discloses a multimedia net- 
work system in which payload data are transmitted en- 
crypted by a secret key, and wherein a public key system 
is used for exchanging the secret key between the com- 
municating parties. 

[0028] As a method for providing these crypt keys to 
users, the inventor of the present invention proposed an 
invention entitled "crypt key system" in the prior Japa- 
nese Patent Application No. 6-70643 (filed 08.04.1994 
and published under JP-A-7 283 809 and corresponding 
EP-A-0 676 897). 

[0029] In the generally practiced crypt key system, the 
crypt key is provided only to users while the crypt key is 
provided to persons otherthan the users in the crypt key 
system of this prior Invention. 
[0030] Fig. 1 shows the structure of the crypt key sys- 
tem proposed in the Japanese Patent Application No. 
6-70643. 

[0031] This system comprises a broadcasting station 
1 for multiplex broadcasting such as BS, CS, terrestrial 
broadcasting or FM or the like or data broadcasting, a 
database 2, a charging center 3, a receiving apparatus 
4, data communication apparatus 5 and a user's termi- 
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nal 8. 

[0032] The broadcasting station 1 and the database 
2, and the database 2 and the charging center 3 are con- 
nected to each other via a connmunication line such as 
a dedicated line or the like or flexible disc or the like, s 
The database 2 and the data connmunication apparatus 
5 are connected by a communication line 7 such as a 
communication line or CATV line. 
[0033] The broadcasting station 1 and the receiving 
apparatus 4 are connected with the broadcasting radio 
wave 6. The receiving apparatus 4 and the user terminal 
apparatus 8, and the data communication apparatus 5 
and the user temninal 8 are connected with a direct 
means such as a connection cable or an Indirect means 
such as a flexible disc. 

[0034] In Fig. 1, what is shown with a solid line is a 
path of infomnation which is not encrypted. What is 
shown with a broken line Is a path of data which is en- 
crypted. 

[0035] In this system, the database 2 preliminarily 
supplies a permit key Kp (hereinafter referred to as a 
"permit key") including the crypt key Kd which Is different 
from one data to another to the broadcasting station 1 . 
The permit key Kp is explained in such a manner that 
the permit key Kp constitutes the crypt key Kd only for 
better understanding. 

[0036] In some cases, the crypt key Kd is supplied 
without being encrypted, and In other cases. It Is en- 
crypted by using a common crypt key KO 

CkdkO=E (KO, Kd), 

and is supplied as an encrypted crypt key CkdkO. 
[0037] In the case where the crypt key Kd Is encrypted 
and supplied, a common crypt key KO for decrypting the 
encrypted crypt key CkdkO is supplied to users. This 
common crypt key KO Is supplied when users register 
with the database, or It Is supplied to the users together 
with the encrypted data Cmkd when the encrypted data 
Cmkd is transmitted. 

(a) In the case where the crypt key Is not encrypted: 

[0038] In this crypt key system, the broadcasting sta- 
tion 1 broadcasts the crypt key Kd supplied from the da- 
tabase 2, by using the radio wave 6. 
[0039] The receiving apparatus 4 supplies the re- 
ceived crypt key Kd to the user terminal 8 so that the 
usertemiinal 8 stores the received crypt key Kd in a re- 
cording medium such as a semiconductor memory, a 
flexible disc, a hard disc or the like. 
[0040] The users who wish to use data make a re- 
quest for the data M to the database 2 via the commu- 
nication line 7 by using the data communication appa- 
ratus 5. 

[0041] The database 2 which has received the re- 
quest for the data M encrypts the data M by the crypt 



key Kd which Is a pemnlt key Kp 

Cmkd=E (Kd, M). 

and transmits the encrypted data Cmkd to the data com- 
munication apparatus 5 of users via the communication 
line 7 and charges the user with the charging center 3. 
[0042] The data communication apparatus 5 supplies 
the received encrypted data Cmkd to the usertemiinal 
8 while the user terminal 8 decrypts the encrypted data 
Cmkd by the crypt key Kd which is stored in the record- 
ing medium 

M=D (Kd, Cmkd), 

(b) In the case where the crypt key Is encrypted and the 
common crypt key Is preliminarily distributed to users: 

[0043J In this crypt key system, when users register 
to use the database, the common crypt key KO is sup- 
plied to the users with a recording medium such as ROM 
or flexible disc and the supplied common crypt key KO 
is stored in the usertemninal 8. 
[0044] The database 2 encrypts the crypt key Kd by 
using the common crypt key KO 

Ckdk0=:E (KO, Kd), 

and supplies the encrypted crypt key CkdkO to the 
broadcasting station 1 . 

[0045] The broadcasting station 1 broadcasts the re- 
ceived encrypted crypt key CkdkO supplied from data- 
base 2 by using the radio wave 6. 
[0046] The receiving apparatus 4 supplies die re- 
ceived encrypted crypt key CkdkO to the user temninal 
8 which decrypts the encrypted crypt key CkdkO in the 
beginning by the preliminarily stored common crypt key 
KO 

Kd=D (KO, CkdkO). 

and stores the decrypted crypt key Kd in a recording me- 
dium such as a semiconductor memory, a flexible disc 
or a hard disc. 

[0047] Users who wish to use data make requests for 
the data M to the database 2 via the communication line 
7 by using the data communication apparatus 5. 
[0048] The database 2 which receives a request for 
the data encrypts the requested data M by the crypt key 
Kd 

Cmkd=E (Kd. M). 
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and transmits it to the data communication apparatus 5 
via the communication line 7 and charges the user with 
the charging center 3. 

[0049] The data communication apparatus 5 supplies 
the received encrypted data Cmkd to the user terminal 
8 which decrypts the encrypted data Cmkd by the stored 
crypt key Kd 

M=D (Kd, Cmkd). 

(c) In the case where the crypt key is encrypted and the 
common crypt key is distributed to the user together with 
the encrypted data: 

[0050] In this crypt key system, the database 2 en- 
crypt the crypt key Kd by the common crypt key KG 

CkdkO=E (KG. Kd) 

and supplies it to the broadcasting station 1 . 
[0051] The broadcasting station 1 broadcasts the en- 
crypted crypt key CkdkO which has been supplied from 
the database 2, by using the radio wave 6. 
[0052] The receiving apparatus 4 supplies the re- 
ceived encrypted crypt key CkdkO to the user terminal 
8. The user temninal 8 stores the encrypted crypt key 
CkdkO in a recording medium such as a semiconductor 
memory, a flexible disc, or a hard disc or the like. 
[0053] Users who wish to use data make a request for 
the data M to the database 2 via the communication line 
7 by using the data communication apparatus 5. 
[0054] The database 2 which receives the request for 
the data encrypts the requested data M by the crypt key 
Kd 

Cmkd=E (Kd, M), 

and transmits It to the data communication apparatus 5 
via the communication line 7 together with the common 
crypt key KG and charges the user with the charging 
centers. 

[0055] The data communication apparatus 5 supplies 
the received encrypted data Cmkd and the common 
crypt key KO to the user terminal 8. The user tenninal 8 
decrypts the encrypted crypt key CkdkO which has been 
stored in the recording medium by the common crypt 
key KO 

Kd=D (KO, CkdkO), 

and decrypts the encrypted data Cmkd by the decrypted 
crypt key 



Kd IVI=:D (Kd. Cmkd). 
Summary of the Invention 

5 

[0056] The problem of the present invention is to pro- 
vide a crypt key system which prevents unjustified use 
of a database system, In a pay-per-view system or a vid- 
eo-on-demand system. This problem is solved by a 
10 crypt key system according to claim 1 . Further improve- 
ment of the crypt key system of claim 1 is provided in 
the dependent claim. 

[0057] This system comprises a broadcasting station, 
a database, a receiving apparatus, a data commu pica- 
's tion apparatus, and a user tenninal. As crypt key sys- 
tems, a secret-key cryptosystem and a public- key cryp- 
tosystem are used. In addition, a digital signature may 
be used, and the crypt key is supplied through broad- 
casting. 

20 [0058] The present invention is a useful means in the 
realization of a database system, a pay-per-view system 
or a video-on-demand system, an electronic market us- 
ing an electronic data interchange system. 

25 Brief Description of the Drawings 

[0059] 

Fig. 1 is a structural view of a crypt key system ac- 
30 cording to the prior applications. 

Fig. 2 is a structural view of the crypt key system ac- 
cording to a first embodiment of the present in- 
vention. 

35 

Embodiments 

[0060] Embodiments of the present invention will be 
described by using Fig. 2. 

40 

[Embodiment 1] 

[0061] A system shown in Fig. 2 is a crypt key system 
of the embodiment in which the present invention is ap- 

45 plied to a database system. This system comprises a 
broadcasting station 11 with either a multiplex broad- 
casting of BS, CS, a terrestrial wave television, or FIVl 
broadcasting or the like, or data broadcasting by a digital 
broadcasting, a database 12 in which various kinds of 

50 data including moving picture data is stored, a charging 
center 13, a receiving apparatus 1 4 for receiving the da- 
ta broadcasting offered by the broadcasting station 11 , 
a data communication apparatus 15 for communicating 
with the database 12 and a user terminal 18 for using 

55 the data. 

[0062] The database 1 2 and the broadcasting station 
11 , and the database 12 and the charging center 13 are 
connected with a direct means connecting with a com- 
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munication line such as a dedicated line or an indirect 
nneans such as a flexible disc or the like. The database 
12 and the data comnnunication apparatus 15 connect- 
ed with a connnnunication line 1 7 such as a comnnunica- 
tion line, or CATV line or the like. Then, the broadcasting 
station 1 1 and the receiving apparatus 1 4 are connected 
with a radio wave 1 6 such as a terrestrial wave television 
broadcasting, satellite television broadcasting, CATV 
broadcasting, FM broadcasting or a satellite data broad- 
casting or the like. The receiving apparatus 14 and the 
user temninal 1 8, and the data connmunication appara- 
tus 15 and the user .temninal 18 are connected with a 
direct means such as a connection cable or an indirect 
means such as a flexible disc or the like. 
[0063] What is shown with a solid line in Fig. 2 is an 
uncrypted data path and what is shown with a broken 
line is an encrypted data path. 
[0064] I ncidentally, data exchange between the data- 
base 12 and the broadcasting station 11 , and the data- 
base 1 2 and the charging center 1 3 are, in principle, car- 
ried out with a dedicated line or a flexible disc. In addi- 
tion, a public line, a broadcasting satellite, a communi- 
cation satellite or a terrestrial wave broadcasting can be 
used. In such a case, the data is encrypted. 
[0065] In this system, the secret-key cryptosystem 
and the public-key cryptosystem are used. 
[0066] The database 12 prepares the public-key Kbd 
and the private-key Kvd to supply the public-key Kbd to 
the broadcasting station 1 1 , The broadcasting station 1 1 
which receives the public-key Kbd broadcasts it by a 
teletext multiplexing broadcasting using scanning lines 
during the retrace blanking interval period of an analog 
television picture signal, the data broadcasting using a 
sub audio band of the analog television audio signal, FM 
multiplex data broadcasting or digital data broadcasting. 
[0067] Further, in this case, a digital signature of the 
database 11 can be added to the public-key Kbd. 
[0068] The data may be supplied without encrypting 
the menu, the titles of data which can be used, the con- 
tent introduction of the data, product catalogs, order 
fornns, blank checks and/or the copyright infomnation for 
the convenience of the data usage. 
[0069] The receiving apparatus 14 which receives the 
transferred public-key Kbd sends the public-key Kbd to 
the user temninal 18. The user terminal 18 which re- 
ceives the transferred pub lie- key Kbd stores the public- 
key Kbd in a recording medium such as a semiconductor 
memory, a flexible disc, or a hard disc or the like. 
[0070] Users who select the data which they request 
for usage by means of menu or the introduction of con- 
tents request for the use of data M to the database 12 
via a communication line 1 7 by the data communication 
apparatus 15. 

[0071] At this time, the user encrypts by the public- 
key Kbd of the database 12 his own secret-key Ksu 

Cksukbd=E (Kbd, Ksu) 



and transmits it to the database 12. 
[0072] The database 12 decrypts the encrypted se- 
cret-key Cksukbd of the user by the private-key Kvd 

^ Ksu=D (Kvd, Cksukbd) 

and encrypts the data M which is requested for use by 
the decrypted user secret-key Ksu 

10 

Cmksu=E (Ksu, M), 

and transmits it to the communication apparatus 15 of 
15 the user via the communication line 1 7. 

[0073] The user who receives the data Cmksu en- 
crypted by own secret-key Ksu decrypts the encrypted 
data Cmksu with the usertenninal 18 

20 

M=rD (Ksu, Cmksu) 

to use it. 

[0074] This system is provided with charging center 
25 13 which is incorporated within the database 12. This 
charging center 1 3 is used when the data is provided on 
a pay basis. In the case where the data is one which is 
provided for free such as shopping information or the 
like, this charging center 13 is not used. However, even 
30 if data are provided for free, such as shopping infomna- 
tion or the like, the charging center is used in the case 
where charges are to be settled along with orders. 

[Embodiment 2] 

35 

[0075] In the aforementioned embodiment, the public- 
key Kbd of the data managing center is broadcast from 
the broadcasting station instead of the communication 
line. Thus, it is impossible to confirm whether the public- 
40 key Kbd is justified or not. 

[0076] In such a case, the private-key Kvd of the data 
managing center is used for digital signature to the pub- 
lic-key kbd of the data managing center 

''^ Skbdkvd=E (Kvd, Kbd) 

to be broadcast together with the public-key Kbd of the 
data managing center 
50 [0077] The user recognizes the digital signature Skb- 
dkvd by the received public-key Kbd of the data manag- 
ing center 

55 Kbd=D (Kbd, Skbdkvd) 

and when it is justified, uses the public-key 

[0078] Figs. 3(a) through 3(c) show modified exam- 



6 



11 



EP 0 719 045 B1 



12 



pies which use a crypt key system according to the 
present invention. 

[0079] To each example which has a structure as 
shown In figure 3 Is applied the crypt key system, in elec- 
tronic market transaction using the electronic data Inter- 5 
change system, to the credit settlement In retail shops 
shown In Fig. 3(a); the settlement by means of an elec- 
tronic check shown In Fig. 3(b); and the wholesale con- 
ducted by makers and the like shown in Fig. 3(c). 
[0080] In these systems, a digital signature is used in io 
addition to the secret-key cryptosystem. These systems 
comprise a user 42, and a retail shop 43, a financial or- 
ganization 44 or a wholesaler 45 such as a maker the 
like which is a World Wide Web (WWW) server on the 
internet. '5 

[Embodiment 3] 

[0081] In the credit settlement in the shop shown in 
Fig. 3(a), the shop 43 broadcasts data Ms such as an 20 
order form format, a credit card format, advertisements, 
catalogs, preview, products description, and content in- 
troduction of a database, and menu, charge schedule 
and price list, via the satellite 41 and a CATV line. 
[0082] User 42 who receives the data Ms such as an 25 
order fonn fomnat and a public-key Kbs of a shop 43 
encrypts the user secret-key Ksu by the public-key Kbs 
of the shop 43 

30 

Cksukbs=E (Kbs, Ksu) 

and enters Mu items such as the order content, the pay- 
ment amount and a credit card number with encrypted 
by the secret-key Ksu of user 42 on the basis of infor- 35 
mation such as advertisement, catalog, products de- 
scription and charges/prices list 

Cmuksu=E (Ksu, Mu), 

when needed, compresses Mu into a compressed doc- 
ument mu and signs digital signature by the private-key 
Kvu of the user 42 

45 

Smukvu=E (Kvu, mu), 

and transmits it to shop 43 attached with the public-key 
Kbu of the user 42 via the network 47. so 
[0083] The shop 43 which has received the order de- 
crypts the encrypted secret- key Cksukbs of the user 42 
by the private-key Kvs of the shop 43 

55 

Ksu=D (Kvs, Cksukbs), 
and decrypts the encrypted order document Cmuksu by 



the decrypted secret-key Ksu of the user 42 

Mu=D (Ksu, Cmuksu). 

[0084] Then, order acceptance is executed. 
[0085] When the digital signature Smukvu is recog- 
nized by the public-key Kbu which the user 42 attached 

mu=:D (Kbu, Smukvu), 

a receipt is sent to the user 42 via the network 47. 
[0088] In this system, it is possible to prevent the un- 
justified use of the credit card number because the credit 
card number entered in the orderform is sent encrypted. 
[0087] Further, the following process enables reliable 
transaction: 

[0088] The shop 43 compresses the digital data Msl 
of the order forni fonnat, the credit card fonn at, adver- 
tisement, catalog, a preview, products description, and 
content introduction of the database and menu/charge 
schedule/price list into a compressed document msl , 
with digital signature by the private-key Kvs of the shop 
43 

SmsIkvs=E (Kvs, msl) 

and broadcasts it attaching the public-key Kbs of the 
shop 43 so that users recognizes the digital signature 
Smslkvs by using the public-key kbs of the shop 43 

ms'=D (Kbs, Smskvs). 

[Embodiment 4] 

[0089] In the settlement by means of electronic 
checks shown in Fig. 3(b), the bank as financial organ- 
ization 44 broadcasts the blank check format Mf which 
is digital data attached with the public-key Kbf of the 
bank 44 via the satellite 41 or the CATV line. 
[0090] The user 42 who receives the blank check for- 
mat Mf encrypts the secret-key Ksu of the user 42 by 
the bank public-key Kb 

Cksukbf=E (Kbf, Ksu), 

enters Mu items concerning a payee and the payment 
amount with encrypted by the secret-key Ksu of the user 
42 

Cmksu=E (Ksu, Mu), 
when needed, compresses Mu to the compressed doc- 
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ument mu, and sign by digital signature by using the pri- 
vate-key Kvu of the user 42 

Snriul<vu=E (Kvu, nnu) ^ 

and transmits them attaching the public-key Kbu of the 
user 42 and the encrypted secret-key Cksukbf of the us- 
er 42 which is encrypted by the public-key Kbf of the 
bank 44 to the bank 44 via the network 47. io 
[0091] The bank 44 which receives the described 
check uses the bank private-key Kvf to decrypt the en- 
crypted secret-key Cksukbf of the user 42 

15 

Ksu=D (Kvf, Cksukbf), 

decrypts the encrypted data Cmuksu of the payee and 
the payment amount by the decrypted user secret-key 
Ksu 20 

Mu=D (Ksu, Cmuksu) 

and recognizes the described content, and the currency 25 
exchange process is executed. 
[0092] Furthermore, the bank recognizes the user 42 
by Smuksu with the digital signature using the public- 
key Kbu added by the user 42 

30 

mu' =D (Kbu, Smuksu), 

encrypts the confimnation document Ms2 by the public- 
key Kbu added by the user 42 35 

Cms2kbu-E (Kbu, Ms2) 

and sends it back to the user 42 via a network 47. 40 
[0093] The user who receives the encrypted confir- 
mation document Cms2kbu from the bank 44 decrypts 
the encrypted confirmation document Cms2kbu by the 
private-key Kvu of the user 42 

45 

Ms2=D (Kvu, Cms2kbu) 
and confinns the content. 

[0094] According to the system, since the party to so 
which the payment is made and the payment amount 
are encrypted and described in the check, it is possible 
to prevent the unjustified use of the content described 
in the check. 

[0095] In addition, the blank check format Mf which is 55 
digital data is compressed into a compressed document 
mf and signed by digital signature by using the private- 
key Kvf of the bank 44 



Smfkvf=E (Kvf, mf) 

to be broadcast attaching the public-key Kbf of the bank 
44. The user recognizes the digital signature Smskvs by 
the public-key Kbs of the bank 44 

mf'=D (Kbf, Smfkvf). 

[0096] The confirmation document Ms is further com- 
pressed into a compressed document ms with digital 
signature by using the public-key Kbu added by the user 

Smskbu=E (Kbu, ms) 

[0097] Thus, the bank can recognize the user who has 
entered on the check. 

[0098] In the systems shown in Figs. 3 (a) through 3 
(c), since each format and advertisement with no need 
of secrecy are broadcast via satellite or CATV broad- 
casting, the data can be effectively transmitted. 
[0099] As explained above, a multimedia system can 
be realized which combines general infonnation media 
such as television broadcasting and audio broadcasting 
with data communication media using computers by us- 
ing the crypt key system of the present invention, while 
the general infonnation media and the data communi- 
cation media has been existing so far as an independent 
system each. 

[01 00] A concrete structure for realizing the multime- 
dia system will be explained as follows. 
[0101] The current television broadcasting is provided 
by means of an analog system through terrestrial wave 
broadcasting, satellite broadcasting or CATV broad- 
casting. In the meantime, a most general data commu- 
nication line is a public telephone line. 
[0102] In such a system stmcture, the crypt key sys- 
tem according to embodiment 1 shown in Fig. 2 can be 
used as a basic structure of a system for realizing a vid- 
eo-on-demand. The broadcasting station broadcasts 
the public-key Kbb in multiplexing with the sub audio 
band of an audio zone in the scanning line of the vertical 
retrace interval of an analog television broadcasting pro- 
gram. 

[01 03] Users who wish to use the television program 
encrypt their own secret-key Ksu by the public-key Kbb 
broadcast from the broadcasting station 

CKsukbb=E (Kbb, Ksu) 

and request for the usage by transmitting the encrypted 
secret-key CKsukbb to the broadcasting station via a 
communication line. 

[01 04] The broadcasting station decrypts the encrypt- 
ed secret-key CKsukbb of the users by the private-key 
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Kvb of the broadcasting station 

ksu=D (Kvb, Cksukbb) 

scrambles the broadcasting program by the decrypted 

secret-key Ksu and broadcasts it. 

[01 05] The users descramble the scrambled program 

for use by their own secret-key Ksu. 

[0106] By adopting such a structure, persons other 

than users those who request to use the program cannot 

use the program, 

[0107] Further, a crypt key system can be applied to 
television shopping which is frequently conducted cur- 
rently by combining the television broadcasting and the 
telephone. 

[0108] In the currently conducted television shopping 
which uses the analog television broadcasting, product 
introduction and sales method are presented on the tel- 
evision screen so that users record infomnation on the 
sales method manually and request for the purchase 
thereof by a telephone on the basis of the recorded in- 
fomnation. 

[0109] In contrast thereto, the crypt key system ac- 
cording to the present Invention proposes a transmis- 
sion of data of the order format and the check fomriat in 
multiplexing with the scanning line of the vertical retrace 
interval or the sub audio band of the audio zone. 
[Oil 0] In the meantime, an apparatus called personal 
computer television set which integrates a personal 
computer and a television set, or an apparatus which 
combines a video capture device which is realized as 
an IC card, a PC card or an insertion board and a per- 
sonal computer, allows incorporation of the television 
picture. 

[0111] With the combination of the multiplex data 
such as an order fomnat and a check fomnat with a video 
capture device, an electronic television shopping can be 
conducted. 

[01 12] In such a television shopping, when the televi- 
sion shopping product Introduction display is broadcast, 
the order fomnat and the check fonnat are broadcast in 
data multiplex with the scanning line of the vertical re- 
trace Interval or the sub audio band of the audio zone. 
[0113] If the users operate the apparatus when the 
product introduction display of the desired product to 
purchase is broadcast, the order fomnat and the check 
fomnat data are Incorporated with the static display pic- 
ture. 

[01 1 4] Users who wish to use the television shopping 
enter necessary items on the order fonnat or check for- 
mat to request for the purchase. To secure the safety of 
the transaction at this time, encryption by the public-key 
cryptosystem or the secret-key cryptosystem and digital 
signature are used with the system according to the em- 
bodiments of the present invention. 
[0115] At this time, the content of transaction can be 
confimned when the purchase order is requested by 



adding the static display picture of the product Introduc- 
tion together with the order and the check. 
[01 16] As a simple method, the order form format and 
the check format may be also transmitted as a television 
5 picture so that necessary Items are entered on the order 
format and the check format which are Incorporated as 
a static display picture. 

[0117] In addition, the order form format and the 
check fonnat can be transmitted via facsimile broad- 
10 casting which is multiplexed with the sub audio band of 
the audio zone. 

[0118] By adopting such a method, an electronic mar- 
ket using electronic data interchange (EDI) by means of 
a current analog television method can be realized with 
15 the television shopping. 

[01 1 9] These video-on-demand system and pay-per- 
view system can be applied to the digital television 
broadcasting other than the analog television broad- 
casting. 

20 [0120] Further, these video-on-demand system and 
pay-per-view system can be also applicable to transmis- 
sion of high-quality audio data and moving picture data 
perfomned in computer communication network system, 
using low-speed public telephone line or high-speed In- 

25 tegrated services digital network (ISDN) or in internet 
system connecting a plurality of computer communica- 
tion network. 

[0121] As an apparatus to be used, the receiving ap- 
paratus and the communication apparatus can be incor- 
30 porated in the television set. Apparatuses can be also 
constituted as a separate apparatus by using a set top 
box or the like. 

[0122] In addition, a constitution with an apparatus re- 
ferred to as a personal computer television set which is 
35 gradually prevalent, or an apparatus combining a video 
capture device, which is realized as an IC card a PC 
card or an insertion board for transmitting a television 
signal, to the personal computer, can be used. 

40 

Claims 

1 . A crypt key system comprising a broadcasting sta- 
tion (11), a database (12), a receiving apparatus 

45 (14), a data communication apparatus (15) and a 
user terminal (18), wherein 
said database (12) and said broadcasting station 
(11) are connected with an online communication 
means, such as a dedicated line or the like, or an 

50 off-line means, such as a flexible disc or the like; 
said database (12) and said data communication 
apparatus (15) are connected with a communica- 
tion line (17); 

said broadcasting station (11) and said receiving 
55 apparatus (14) are connected with a radio wave 
(16); 

said receiving apparatus (1 4) and said usertemninal 
(1 8) are connected with direct online means or with 
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off-line means, such as a flexible disc; 

said data comnnunicatlon apparatus (15) and said 

user terminal (18) are connected with direct online 

means or with off-line means, such as a flexible 

disc; 

said database (12) prepares a pair of a public-key 
and a private-key and supplies said public-key to 
said broadcasting station (11); 
said broadcasting station (11) broadcasts said pub- 
lic-key; 

said receiving apparatus (14) transmits said public- 
key, that has been received from said broadcasting 
station, to said user terminal (18); 
said usertemiinal (18) stores said transmitted pub- 
lic-key; 

said user temriinal encrypts a secret-key of the user 
by said stored public-key and transmits said en- 
crypted secret-key at the time of a request for data 
which the user desires, to said database (12) via 
said communication line (17); said database (12) 
which has received the request for data decrypts 
said encrypted secret-key of said user by said pri- 
vate-key, encrypts the data by said decrypted se- 
cret-key of said user and transmits the data to said 
data communication apparatus (15) via said com- 
munication line (17); and 

said data communication apparatus (15) transmits 
the received data to said user terminal (18) which 
decrypts said data by said secret- key 

2. A crypt key system according to claim 1 wherein a 
digital signature of said database (12) is broadcast 
in addition to said public-key 



Patentanspriiche 

1. Verschlusselungssystem mit einer Rundsendesta- 
tion (11) einer Datenbank (12), einer Empfangsvor- 
richtung (14), einer Datenkommunikationsvomch- 
tung (15) und einem Benutzerendgerat (18), bei 
dem 

die Datenbank (12) und die Rundsendestation (11) 
mit einer Online-Vertindungsvorrichtung wie einer 
ausschlielBlich zugeordneten Leitung oder derglei- 
chen Oder einer Offline-Vorrichtung wie einer flexi- 
blen Scheibe oder dergleichen verbunden sind; 
die Datenbank (1 2) und die Datenkommunikations- 
vorrichtung (15) mit einer Kommunikationsleitung 
(17) verbunden sind; 

die Rundsendestation (11) und die Empfangsvor- 
richtung (14) durch eine Radiowelle (1 6) verbunden 
sind; 

die Empfangsvorrichtung (14)und das Benutze- 
rendgerat (18) mit einer direkten Online-Vorrich- 
tung Oder mit einer Offline- Vomchtung wie einer fle- 
xiblen Scheibe verbunden sind; 
die Datenkommunikationsvon-ichtung (15) und das 



Benutzerendgerat (18) mit einer direkten Online- 
Vorrichtung oder mit einer Offline-Vorrichtung wie 
einer flexibten Scheibe verbunden sind; 
die Datenbank (12) ein Paar aus einem offentlichen 
5 Schlussel und einem privaten Schlussel vortereitet 
und den offentlichen Schlussel zu der Rundsende- 
station (11) liefert; 

die Rundsendestation (11) den offentlichen Schlus- 
sel sendet; 

10 die Empfangsvomchtung (14) den offentlichen 
Schlussel, der von der Rundsendestation empfan- 
gen wurde, zu dem Benutzerendgerat (18) uber- 
tragt; 

das Benutzerendgerat (18) den iibertragenen 6f- 

15 fentlichen Schlussel speichert; 

das Benutzerendgerat einen Geheimschliissel des 
Benutzers durch den gespeicherten offentlichen 
Schlussel yerschlusselt und den verschlusselten 
GeheimschlCissel zu der Zeit einer Anforderung von 

20 Daten, welche der Benutzer wiinscht, uber die 
Kommunikationsleitung (1 7) zu der Datenbank (1 2) 
ubertragt; 

die Datenbank (1 2), die die Anforderung von Daten 
empfangen hat, den verschlusselten Geheim- 

25 schlussel des Benutzers durch den privaten 
Schlussel entschlusselt, die Daten durch den ent- 
schlusselten GeheimschlCissel des Benutzers ver- 
schlusselt und die Daten uber die Kommunikations- 
leitung (17) zu der Daten kommuni kationsvorrich- 

30 tung (15) ubertragt; und 

die Datenkommunikationsvorrichtung (1 5) die emp- 
fangenen Daten zu dem Benutzerendgerat (18) 
ubertragt, das die Daten durch den GeheimschlCis- 
sel entschlusselt. 

35 

2. Verschlusselungssystem nach Anspruch 1 , bei dem 
eine digitale Unterschrift der Datenbank (12) zu- 
satzlich zu dem offentlichen Schlussel durch Rund- 
sendung ubertragen wird. 

40 

Revendications 

1 . Systeme a cle de cryptage comprenant une station 
45 de radiodiffusion (11), une base de donnees (12), 
un appareil r6cepteur (14), un appareil de commu- 
nication de donnees (15) et un terminal utilisateur 
(18), dans lequel 

ladite base de donn6es (12) et ladite station de ra- 
50 diodiffusion (1 1 ) sent connect6es par un moyen de 
communication en ligne, tel qu'une ligne dediee ou 
equivalent, ou un moyen autonome, tel qu'une dis- 
quette ou analogue ; 

ladite base de donnees (12) et ledit appareil de 
55 communication de donnees (15) sent connectes 
par une ligne de communication (1 7) ; 
ladite station de radiodiffusion (11) et ledit appareil 
recepteur (14) sent connectes par une onde radio 
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(16): 

ledit appareil r6cepteur (14) et ledit terminal utilisa- 
teur (1 8) sont connect6s par un moyen en ligne di- 
rect ou par un moyen autonome, tel qu'une 
disquette ; ^ 
ledit appareil de communication de donndes (15) et 
ledit terminal utilisateur (1 8) sont connect6s par un 
moyen direct en ligne ou par un moyen autonome, 
tel qu'une disquette ; 

ladite base de donn^es (12) prepare une paire io 
d'une cl6 publique et d'une cl6 priv6e, et fournit la- 
dite cl^ publique k ladite station de radlodiffusion 
(11); 

ladite station de radlodiffusion (11) 6met ladite cl6 
publique ; 

ledit appareil recepteur (14) transmet ladite cle pu- 
blique, qui a ^t6 re9ue depuis ladite station de ra- 
dlodiffusion, vers ledit temiinal utilisateur (18) ; 
ledit terminal utilisateur (18) stocke ladite cle publi- 
que transmise ; 20 
ledit terminal utilisateur crypte une cl6 secrete de 
I'utilisateur par ladite cl6 publique stock6e et trans- 
met ladite cle secrete cryptee, au moment d'une de- 
mande de donn^es que souhaite rutilisateur, vers 
ladite base de donn6es (12) via ladite ligne de com- 25 
munication (17) ; 

ladite base de donnees (12), qui a re^u la demande 
de donnees, decrypte ladite cle secrete cryptee du- 
dit utilisateur par ladite cl6 priv6e, crypte les don- 
nees par ladite cle secrete decrypt6e dudit utiiisa- 30 
teur, et transmet les donnees vers ledit appareil de 
communication de donn6es (15) via ladite ligne de 
communication (17) ; et 

ledit appareil de communication de donnees (15) 
transmet les don nees revues vers ledit temiinat uti- 35 
lisateur (18), qui d6crypte lesdites donn6es par la- 
dite cl6 secrete. 

2. Systfeme h cl6 de cryptage selon la revendication 
1 , dans lequel une signature numerique de ladite ^0 
base de donnees (12) est emise en plus de ladite 
cle publique. 
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FIG. 1 
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FIG. 2 
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FIG. 3(a) 
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FIG. 3(b) 
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FIG. 3(c) 
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